Cyber criminals are no longer satisfied stealing volumes of low-profit user information, such as credit card numbers. Today, these virtual criminals aggressively target manufacturers’ intellectual property or perform other acts of industrial espionage, thereby exposing confidential information. Manufacturers have never considered themselves targets for cyber criminals. Not surprisingly, few have taken more than modest action by their “IT Department” to secure files, records, and business systems. In recent years, small manufacturers have been targeted for “ransomware” attacks forcing ransom payments or re-creation of “locked” data. Downstream supply chain customers can also become unsuspecting collateral victims (target’s cyber breach comes through a vendor’s system). A compromised supply chain could result in a loss of business or customers.
Could your company withstand that kind of loss?
If your company is part of a U.S. Department of Defense supply chain, you are required to have certain security measures in place to be DFARS compliant. Manufacturers must recognize and understand that cyberattacks are real threats, and immediately begin to build up their resistance with strong countermeasures.
The PCA Technology Group, a WNY-based technology firm that has been in business since 1989, suggests there are some simple steps companies should undertake to protect their business from cyberattacks:
- Conduct an assessment to uncover internal and external risks.
- Regularly provide cybersecurity user awareness and social engineering education to all employees.
- Be sure that all employees understand the cybersecurity-related risks associated with browsing the Internet, using email, and working with USB drives.
- Collect only necessary data to limit the impact of a data breach; don’t keep personnel data longer than needed.
- Limit personnel access to computer systems containing sensitive client data.
- Secure mobile devices and laptops. Sensitive data transmitted by mobile devices and laptops should be encrypted.
- Keep computer software and operating systems up-to-date.
- Set up proper firewalls and secure wireless networks.
- Set rules for telecommuting employees to ensure they use protected systems away from the office.
- Immediately disable accounts of all former employees.
- Set a company-wide password policy, which includes complex and minimum-length passwords, along with regular password changes.
- Regularly and fully back up your data and keep those backups offsite in a secure manner.
- Establish a disaster recovery plan, which should allow you to continue to operate and serve your customers while you rebound and repair your systems in the situation where you were breached.
- Know your people; perform background checks when hiring employees.
- Properly screen and qualify contractors hired to install or service computers, software and networks.
- Establish policies, procedures and regular training; clearly communicate expectations to all company personnel.
If you need additional information, or would like to take the next step in preparing your organization to meet this unwelcomed challenge head on, please contact us at:
Web contact: http://www.insyte-consulting.com/contact-us